3 matches found
CVE-2021-39662
In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the content of media provider collections due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
CVE-2021-39662
creationtimestamp| type| source ---|---|--- 2022-02-11 20:34:56+00:00| seen| https://t.me/cibsecurity/37332...
CVE-2021-39662
Summary (CVE-2021-39662): In Android’s MediaProvider (MediaProvider.java), a missing permission check in checkUriPermission could allow local elevation of privilege by accessing media provider collections. The issue is exploitable with local access and does not require user interaction, as stated...